php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #68677 use-after-free
Submitted: 2014-12-29 02:50 UTC Modified: 2015-03-18 12:39 UTC
From: bugreports at internot dot info Assigned: kaplan (profile)
Status: Closed Package: opcache
PHP Version: master-Git-2014-12-29 (Git) OS: Linux Ubuntu 14.04
Private report: No CVE-ID: 2015-1351
 [2014-12-29 02:50 UTC] bugreports at internot dot info
Description:
------------
Hi,

In /ext/opcache/zend_shared_alloc.c there is a use-after-free:


347        if (free_source) {
348                efree(source);
349        }
350        zend_shared_alloc_register_xlat_entry(source, retval);


Thanks,


Patches

Add a Patch

Pull Requests

Pull requests:

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2014-12-30 03:00 UTC] aharvey@php.net
-Package: *General Issues +Package: opcache
 [2015-01-08 08:38 UTC] laruence@php.net
Automatic comment on behalf of laruence
Revision: http://git.php.net/?p=php-src.git;a=commit;h=777c39f4042327eac4b63c7ee87dc1c7a09a3115
Log: Fixed #68677
 [2015-01-08 08:38 UTC] laruence@php.net
-Status: Open +Status: Closed
 [2015-03-18 12:39 UTC] kaplan@php.net
-Assigned To: +Assigned To: kaplan -CVE-ID: +CVE-ID: 2015-1351
 [2015-03-31 22:47 UTC] kaplan@php.net
Automatic comment on behalf of kaplanlior@gmail.com
Revision: http://git.php.net/?p=php-src.git;a=commit;h=a32c8ba719493fd2b4700c4f7db1ef130ceb7661
Log: Fixed bug #68739 (Missing break / control flow). Fixed bug #68740 (NULL Pointer Dereference). Fixed bug #68677 (Use After Free).
 [2015-03-31 22:47 UTC] kaplan@php.net
Automatic comment on behalf of laruence
Revision: http://git.php.net/?p=php-src.git;a=commit;h=0a8f28b43212cc2ddbc1f2df710e37b1bec0addd
Log: Fixed bug #68677 (Use After Free in OPcache)
 [2015-03-31 22:56 UTC] kaplan@php.net
Automatic comment on behalf of kaplanlior@gmail.com
Revision: http://git.php.net/?p=php-src.git;a=commit;h=a32c8ba719493fd2b4700c4f7db1ef130ceb7661
Log: Fixed bug #68739 (Missing break / control flow). Fixed bug #68740 (NULL Pointer Dereference). Fixed bug #68677 (Use After Free).
 [2015-03-31 22:56 UTC] kaplan@php.net
Automatic comment on behalf of laruence
Revision: http://git.php.net/?p=php-src.git;a=commit;h=0a8f28b43212cc2ddbc1f2df710e37b1bec0addd
Log: Fixed bug #68677 (Use After Free in OPcache)
 [2015-03-31 23:02 UTC] kaplan@php.net
Automatic comment on behalf of kaplanlior@gmail.com
Revision: http://git.php.net/?p=php-src.git;a=commit;h=a32c8ba719493fd2b4700c4f7db1ef130ceb7661
Log: Fixed bug #68739 (Missing break / control flow). Fixed bug #68740 (NULL Pointer Dereference). Fixed bug #68677 (Use After Free).
 [2015-03-31 23:02 UTC] kaplan@php.net
Automatic comment on behalf of laruence
Revision: http://git.php.net/?p=php-src.git;a=commit;h=0a8f28b43212cc2ddbc1f2df710e37b1bec0addd
Log: Fixed bug #68677 (Use After Free in OPcache)
 [2016-07-20 11:40 UTC] davey@php.net
Automatic comment on behalf of laruence
Revision: http://git.php.net/?p=php-src.git;a=commit;h=777c39f4042327eac4b63c7ee87dc1c7a09a3115
Log: Fixed #68677
 [2022-12-27 02:01 UTC] 29611472 at qq dot com
The following pull request has been associated:

Patch Name: Fix issue with pt_BR not being updated
On GitHub:  https://github.com/php/systems/pull/15
Patch:      https://github.com/php/systems/pull/15.patch
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Tue Mar 19 08:01:29 2024 UTC